customize ipsec weak cipher sets

[m256]

Hello,
I need to temporarily make an ipsec connection to some old tp-link router which supports just weak cipher sets nothing more secure than AES128-SHA1-DH5.
I know it is not available in GUI for good reasons and the support has been removed, but what if i manually edit some conf files (ipsec.conf, swanctl.con) etc.?
Is adding charon {     proposals = 3des-sha1-modp1536 } gonna do something?
What about editing conf backup and adding 3des-sha1-modp1536 to tunnel proposals?
Thanks!

[Monviech (Cedrik)]

https://docs.opnsense.org/manual/vpnet.html

Check out the custom configuration section for ipsec.

You can do anything in here that strongswan supports.

[m256]

Thank you. Seems like i was on the right track.
So to get insecure ciphers for ipsec my friend can:
1) add custom.conf with
charon {
   proposals = 3des-sha1-modp1536, aes128-sha1-modp1536
}

2) edit backup-config.xml and set this to connection node of the tunnel
<proposals>default,3des-sha1-modp1536, aes128-sha1-modp1536</proposals>

3) restore modded backup file

Correct?
Thanks!

[Monviech (Cedrik)]

I would set the whole custom tunnel in that custom configuration file.

I would not edit the config.xml or restore a tampered backup.

[Isabella Borgward]

Does this note in the documentation which says "...will not be mainted by the user interface,..." mean that it won't be possible to choose a custom proposal from the UI? If that is true then how would they be applied to an IPsec policy?

[m256]

Yes, that was my point. You are not allowed to set custom (weak) ciphers from UI, so you have to play with custom config files. I don't feel do all doing all tunnel settings in custom config, that's why I investigated restoring tampered backups alternative.

[Isabella Borgward]

Unfortunately vpnet.html is not clear on what is required here.
Am I supposed to do the entire VPN tunnel configuration as a new file in /usr/local/etc/strongswan.opnsense.d/? Or am I able to override one or more parameters by dropping a file in there?
The documentation needs some examples of what custom config looks like.

[Monviech (Cedrik)]

Code: [Select]

/usr/local/etc/swanctl/swanctl.conf
At the bottom of that file is this import statement:

Code: [Select]

# Include config snippets
include conf.d/*.conf
This means logically, it must be complete tunnel configurations that do not collide with existing auto generated configuration.

E.g. I want to add another pool, I create a file called:

Code: [Select]

/usr/local/etc/swanctl/conf.d/test.conf

Code: [Select]

pools {
    pool-rw-ipv4i {
        addrs = 172.16.208.0/24
        dns = 172.16.0.254
    }
}

Then:

Code: [Select]

configctl ipsec restart

Code: [Select]

swanctl --list-pools

Code: [Select]

pool-rw-ipv4         172.16.203.0                        0 / 0 / 254
pool-rw-ipv4i        172.16.208.0                        0 / 0 / 254

My custom pool was added.

[Isabella Borgward]

As I happens, I managed to work this out.
Given a generated configuration:

Code: [Select]

# cat /usr/local/etc/swanctl/swanctl.conf
# This file is automatically generated. Do not edit
connections {
    00000000-0000-0000-0000-000000000000 {
        proposals = aes256-sha1-modp2048
        unique = no
        aggressive = no
<snip>


We create an override .conf file containing:

Code: [Select]

connections {
    00000000-0000-0000-0000-000000000000 {
        proposals = aes256-sha1-modp1024
        }
}

restart the service and the log confirms that modp1024 was used, not modp2048. There is NO indication in the config GUI that this has happened.

[Monviech (Cedrik)]

Good job,

of course there is no indication in the GUI since everything it presents must be inside /conf/config.xml

There is no controller that parses custom configuration files and displays them.

[m256]

Managed to get over P1 using the custom conf. However no luck with P2 - i was not able to define 3des-sha1 proposal with any combination of config (triedg addin children node with esp_proposals etc.).

Isabella, did you manage to have the tunnel fully working? Also, in your custom conf file - did you use the connection id the same as in swanctl.conf, or you created full new settings (including p2 children section etc.)? Thanks!

Cedrik, the tampered backup trick had no effect in the connection (leading to no proposal chosen).
BTW If anyone struggle to see what are the proposals received - you can either set log level to "include sensitive information" to see proposals in syslog or use tcpdump

[Isabella Borgward]

Isabella, did you manage to have the tunnel fully working?

I wish I could tell you - the other end just keeps sending back NO_PROP and the administrator doesn't seem to know how to look at his logs. But I am confident that my end is using what I think I have configured, as my logs agree with the config I have created. But you just need to bear in mind that I don't 100% know my assertion of how to configure this is true, because I don't have a ph2 up yet

Also, in your custom conf file - did you use the connection id the same as in swanctl.conf, or you created full new settings (including p2 children section etc.)? Thanks!

No, not full new settings. Just overriding some elements of what was configured in UI, and then always remembering in future that what the UI says about the configuration may not be true.
The UUIDs need to match at each level.

Code: [Select]

connections {
    <the connection UUID from swanctl.conf> {
        proposals = aes256-sha1-modp1024
        children {
            <the child UUID from swanctl.conf> {
                esp_proposals = aes256-sha1
       
        }
}
}
}



[Monviech (Cedrik)]

Are you sure this does not create any race conditions between the GUI config and the overwritten config?

Is it always the same proposals after every reload/restart of the service?

I would rather create the full tunnel as single imported configuration with no GUI elements creating the same configuration.

[Isabella Borgward]

Are you sure this does not create any race conditions between the GUI config and the overwritten config?

I am not really sure about anything because I don't have Ph1 + Ph2 up and traffic passing yet and I have guessed how to configure this because I find the documentation to be unclear. However, if the "include" feature in Strongswan turns out to have some race condition which results in an indeterminate configuration, then that would be a pretty serious caveat [which should be documented loud and clear], and probably renders the include mechanism unusable in production environments.

Is it always the same proposals after every reload/restart of the service?

I can test that easily enough with, say, 10 restarts of the service.

[m256]

So, good news: I have tried with custom configs- created custom config file in swanctl\conf.d
I made a completely new connection with unique id and full settings. It worked - even with deprecated ciphers.
I also tried adding just an update to settings made in GUI like this:

Code: [Select]

connections {
    con1 {
        children {
            con1 {
                esp_proposals = aes128-sha1
            }
        }
    }
}
this worked fine as well.

What does not work is 3des for ESP. This is not done by strongswan, but kernel. Adding 3des support to freebsd would likely mean kernel recompiling.